Is My Application’s Authentication and Authorization Secure and Scalable?

Nowadays, most applications require authentication and authorization due to increased threat levels, and not only do they need to be secure, but also scalable due to increased traffic volume. It’s not that the application doesn’t have authentication and authorization in place, but the point is, does it provide security, scalability, and more features around this

The Rise of Passkeys

What Are Passkeys? You know how annoying it is to remember all those different passwords for every single website? And how terrifying it is when you hear about a company getting hacked, and suddenly, your password for that site might be out there? Well, imagine logging into PayPal without a password, and even if PayPal’s

Adobe Service Runtime: Keep Calm and Shift Down!

Microservices at Adobe: Adobe’s transformation from desktop applications to cloud offerings triggered an explosion of microservices. Be it Acrobat, Photoshop, or Adobe Experience Cloud, they are all powered by suites of microservices mainly written in Java. With so many microservices created, every developer had to go through the same painful processes, i.e., security, compliance, scalability,

From Ticking Time Bomb to Trustworthy AI: A Cohesive Blueprint for AI Safety

The emergence of AI agents has created a “security ticking time bomb.” Unlike earlier models that primarily generated content, these agents interact directly with user environments, giving them freedom to act. This creates a large and dynamic attack surface, making them vulnerable to sophisticated manipulation from a myriad of sources, including website texts, comments, images,

The Ethics of AI Exploits: Are We Creating Our Own Cyber Doomsday?

As artificial intelligence advances at rates never previously encountered, its impact upon society is taking hold ever more profoundly and extensively. From autonomous vehicles and personalized medicine to generative media and intelligent infrastructure, AI is changing every area it touches. But lurking in the background of these revolutionary promises is a chilly, black fear: Are

Crypto Agility for Developers: Build Agile Encryption Now

In 2025, software development is evolving rapidly with the rise of Vibe Coding and Agentic AI, but so is the cryptographic landscape that underpins these systems. As quantum computing moves closer to practical applicability and encryption standards become outdated, one imperative is becoming unavoidable: crypto agility. Crypto agility, the ability of systems to switch between

Python Development With Asynchronous SQLite and PostgreSQL

After years of working from the comfort of Python and Django, I moved to the wild asynchronous world of FastAPI to improve latency in web-based AI applications. I started with FastAPI and built an open-source stack called FastOpp, which adds command-line and web tools similar to Django. Initially, things went smoothly using SQLite and aiosqlite to add

Beyond Secrets Manager: Designing Zero-Retention Secrets in AWS With Ephemeral Access Patterns

Secrets management in AWS has traditionally relied on long-lived secrets stored in Secrets Manager or Parameter Store. But as attack surfaces grow and threat actors become faster at exploiting exposed credentials, even rotated secrets begin to look like liabilities. The future of security in AWS leans toward ephemeral access, where credentials are generated just-in-time, scoped

CNCF Triggers a Platform Parity Breakthrough for Arm64 and x86

The Challenge: Developing open-source software for deployment on Arm64 architecture requires a robust continuous integration and continuous deployment (CI/CD) environment. Yet, there has historically been a disparity between the levels of support for Arm64 and traditional x86 processor architectures, with Arm64 usually at a disadvantage. Developers of infrastructure components for multiple architectures have certain expectations

Our Path to Better Certificate Management With Vault and FreeIPA

Managing public key infrastructure (PKI) is challenging, especially in dynamic, cloud-native environments. In the “good old days,” you could create a virtual machine, place a certificate on it, and forget about it for a couple of years (or at least until the certificate expired). But as modern infrastructure has evolved, a more automated and scalable